From a00bcef261787474908ea0db397c4d413e2ff474 Mon Sep 17 00:00:00 2001
From: Pedro X <pxpm88@gmail.com>
Date: Mon, 28 Aug 2023 17:17:42 +0100
Subject: [PATCH 01/27] add email verification

---
 .../Controllers/Auth/RegisterController.php   | 10 +++-
 .../Auth/VerifyEmailController.php            | 59 +++++++++++++++++++
 src/app/Http/Controllers/CrudController.php   |  4 ++
 src/config/backpack/base.php                  |  7 +++
 src/routes/backpack/base.php                  |  6 ++
 5 files changed, 83 insertions(+), 3 deletions(-)
 create mode 100644 src/app/Http/Controllers/Auth/VerifyEmailController.php

diff --git a/src/app/Http/Controllers/Auth/RegisterController.php b/src/app/Http/Controllers/Auth/RegisterController.php
index f25d95669d..ea78890b47 100644
--- a/src/app/Http/Controllers/Auth/RegisterController.php
+++ b/src/app/Http/Controllers/Auth/RegisterController.php
@@ -6,7 +6,7 @@
 use Illuminate\Auth\Events\Registered;
 use Illuminate\Http\Request;
 use Illuminate\Routing\Controller;
-use Validator;
+use Illuminate\Support\Facades\Validator;
 
 class RegisterController extends Controller
 {
@@ -64,7 +64,7 @@ protected function validator(array $data)
      * Create a new user instance after a valid registration.
      *
      * @param  array  $data
-     * @return User
+     * @return \Illuminate\Contracts\Auth\Authenticatable
      */
     protected function create(array $data)
     {
@@ -99,7 +99,7 @@ public function showRegistrationForm()
      * Handle a registration request for the application.
      *
      * @param  \Illuminate\Http\Request  $request
-     * @return \Illuminate\Http\Response
+     * @return \Illuminate\Http\Response|\Illuminate\Contracts\View\View
      */
     public function register(Request $request)
     {
@@ -115,6 +115,10 @@ public function register(Request $request)
         event(new Registered($user));
         $this->guard()->login($user);
 
+        if (config('backpack.base.setup_email_verification_routes')) {
+            return view(backpack_view('auth.verify_email'));
+        }
+
         return redirect($this->redirectPath());
     }
 
diff --git a/src/app/Http/Controllers/Auth/VerifyEmailController.php b/src/app/Http/Controllers/Auth/VerifyEmailController.php
new file mode 100644
index 0000000000..957ee41405
--- /dev/null
+++ b/src/app/Http/Controllers/Auth/VerifyEmailController.php
@@ -0,0 +1,59 @@
+<?php
+
+namespace Backpack\CRUD\app\Http\Controllers\Auth;
+
+use App\Http\Requests\Request;
+use Illuminate\Routing\Controller;
+use Illuminate\Foundation\Auth\EmailVerificationRequest;
+use Prologue\Alerts\Facades\Alert;
+
+class VerifyEmailController extends Controller
+{
+    public null|string $redirectTo = null;
+    /**
+     * Create a new controller instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        $this->middleware(backpack_middleware());
+        $this->middleware('signed')->only('verifyEmail');
+        $this->middleware('throttle:6,1')->only('resendVerificationEmail');
+
+        if (! backpack_users_have_email()) {
+            abort(501, trans('backpack::base.no_email_column'));
+        }
+        // where to redirect after the email is verified
+        $this->redirectTo = property_exists($this, 'redirectTo') && $this->redirectTo ? $this->redirectTo : backpack_url('dashboard');
+    }
+
+    public function emailVerificationRequired()
+    {
+        return view(backpack_view('auth.verify-email'));
+    }
+
+    /**
+     * Verify the user's email address.
+     *
+     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
+     */
+    public function verifyEmail(EmailVerificationRequest $request) 
+    {
+        $request->fulfill();
+
+        return redirect($this->redirectTo);
+    }
+
+    /**
+     * Resend the email verification notification.
+     */
+    public function resendVerificationEmail(Request $request) : \Illuminate\Http\RedirectResponse
+    {
+        $request->user(backpack_guard_name())->sendEmailVerificationNotification();
+        
+        Alert::success('Email verification link sent successfully.')->flash();
+
+        return back()->with('status', 'verification-link-sent');  
+    }
+}
\ No newline at end of file
diff --git a/src/app/Http/Controllers/CrudController.php b/src/app/Http/Controllers/CrudController.php
index 7c103fa518..82aa389075 100644
--- a/src/app/Http/Controllers/CrudController.php
+++ b/src/app/Http/Controllers/CrudController.php
@@ -23,6 +23,10 @@ public function __construct()
             return;
         }
 
+        if(config('backpack.base.setup_veryfy_email_routes', false)) {
+            $this->middleware('verified');
+        }
+
         // ---------------------------
         // Create the CrudPanel object
         // ---------------------------
diff --git a/src/config/backpack/base.php b/src/config/backpack/base.php
index 6275f97186..85a628a196 100644
--- a/src/config/backpack/base.php
+++ b/src/config/backpack/base.php
@@ -55,6 +55,13 @@
     // Set this to false if you would like to skip adding the password recovery routes
     // (you then need to manually define the routes in your web.php)
     'setup_password_recovery_routes' => true,
+    
+    // Set this to true if you would like to enable email verification for your Authenticable model.
+    // Make sure your Authenticable model implements the MustVerifyEmail contract and your 
+    // database table contains the email_verified_at column.
+    // https://laravel.com/docs/10.x/verification#model-preparation
+    // https://laravel.com/docs/10.x/verification#database-preparation
+    'setup_email_verification_routes' => false,
 
     /*
     |--------------------------------------------------------------------------
diff --git a/src/routes/backpack/base.php b/src/routes/backpack/base.php
index d12548bb36..f8c2eebe16 100644
--- a/src/routes/backpack/base.php
+++ b/src/routes/backpack/base.php
@@ -38,6 +38,12 @@ function () {
                 Route::get('password/reset/{token}', 'Auth\ResetPasswordController@showResetForm')->name('backpack.auth.password.reset.token');
                 Route::post('password/email', 'Auth\ForgotPasswordController@sendResetLinkEmail')->name('backpack.auth.password.email')->middleware('backpack.throttle.password.recovery:'.config('backpack.base.password_recovery_throttle_access'));
             }
+
+            if (config('backpack.base.setup_email_verification_routes', false)) {
+                Route::get('email/verify', 'VerifyEmailController@emailVerificationRequired')->name('verification.notice');
+                Route::get('email/verify/{id}/{hash}', 'VerifyEmailController@verifyEmail')->middleware('signed')->name('verification.verify');
+                Route::post('email/verification-notification', 'VerifyEmailController@resendVerificationEmail')->name('verification.send');
+            }
         }
 
         // if not otherwise configured, setup the dashboard routes

From 977276b8d358c75735e14ced3298aa98f5f335e7 Mon Sep 17 00:00:00 2001
From: StyleCI Bot <bot@styleci.io>
Date: Mon, 28 Aug 2023 16:18:16 +0000
Subject: [PATCH 02/27] Apply fixes from StyleCI

[ci skip] [skip ci]
---
 .../Http/Controllers/Auth/VerifyEmailController.php | 13 +++++++------
 src/app/Http/Controllers/CrudController.php         |  2 +-
 src/config/backpack/base.php                        |  4 ++--
 3 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/src/app/Http/Controllers/Auth/VerifyEmailController.php b/src/app/Http/Controllers/Auth/VerifyEmailController.php
index 957ee41405..343fe620c9 100644
--- a/src/app/Http/Controllers/Auth/VerifyEmailController.php
+++ b/src/app/Http/Controllers/Auth/VerifyEmailController.php
@@ -3,13 +3,14 @@
 namespace Backpack\CRUD\app\Http\Controllers\Auth;
 
 use App\Http\Requests\Request;
-use Illuminate\Routing\Controller;
 use Illuminate\Foundation\Auth\EmailVerificationRequest;
+use Illuminate\Routing\Controller;
 use Prologue\Alerts\Facades\Alert;
 
 class VerifyEmailController extends Controller
 {
     public null|string $redirectTo = null;
+
     /**
      * Create a new controller instance.
      *
@@ -38,7 +39,7 @@ public function emailVerificationRequired()
      *
      * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
      */
-    public function verifyEmail(EmailVerificationRequest $request) 
+    public function verifyEmail(EmailVerificationRequest $request)
     {
         $request->fulfill();
 
@@ -48,12 +49,12 @@ public function verifyEmail(EmailVerificationRequest $request)
     /**
      * Resend the email verification notification.
      */
-    public function resendVerificationEmail(Request $request) : \Illuminate\Http\RedirectResponse
+    public function resendVerificationEmail(Request $request): \Illuminate\Http\RedirectResponse
     {
         $request->user(backpack_guard_name())->sendEmailVerificationNotification();
-        
+
         Alert::success('Email verification link sent successfully.')->flash();
 
-        return back()->with('status', 'verification-link-sent');  
+        return back()->with('status', 'verification-link-sent');
     }
-}
\ No newline at end of file
+}
diff --git a/src/app/Http/Controllers/CrudController.php b/src/app/Http/Controllers/CrudController.php
index 82aa389075..e89c75349f 100644
--- a/src/app/Http/Controllers/CrudController.php
+++ b/src/app/Http/Controllers/CrudController.php
@@ -23,7 +23,7 @@ public function __construct()
             return;
         }
 
-        if(config('backpack.base.setup_veryfy_email_routes', false)) {
+        if (config('backpack.base.setup_veryfy_email_routes', false)) {
             $this->middleware('verified');
         }
 
diff --git a/src/config/backpack/base.php b/src/config/backpack/base.php
index 85a628a196..75c18e6d09 100644
--- a/src/config/backpack/base.php
+++ b/src/config/backpack/base.php
@@ -55,9 +55,9 @@
     // Set this to false if you would like to skip adding the password recovery routes
     // (you then need to manually define the routes in your web.php)
     'setup_password_recovery_routes' => true,
-    
+
     // Set this to true if you would like to enable email verification for your Authenticable model.
-    // Make sure your Authenticable model implements the MustVerifyEmail contract and your 
+    // Make sure your Authenticable model implements the MustVerifyEmail contract and your
     // database table contains the email_verified_at column.
     // https://laravel.com/docs/10.x/verification#model-preparation
     // https://laravel.com/docs/10.x/verification#database-preparation

From 0c65162d7060ed8165e5d1f0c6bdc7fa91732845 Mon Sep 17 00:00:00 2001
From: Pedro X <pxpm88@gmail.com>
Date: Tue, 29 Aug 2023 15:09:25 +0100
Subject: [PATCH 03/27] add email confirmation

---
 src/BackpackServiceProvider.php               | 20 +++++++++++++
 .../Auth/VerifyEmailController.php            | 21 +++++++------
 src/app/Http/Controllers/CrudController.php   |  4 ---
 .../Middleware/EnsureEmailVerification.php    | 30 +++++++++++++++++++
 .../Requests/EmailVerificationRequest.php     | 14 +++++++++
 src/config/backpack/base.php                  |  5 ++++
 src/resources/lang/en/base.php                |  6 ++++
 src/routes/backpack/base.php                  |  6 ++--
 8 files changed, 88 insertions(+), 18 deletions(-)
 create mode 100644 src/app/Http/Middleware/EnsureEmailVerification.php
 create mode 100644 src/app/Http/Requests/EmailVerificationRequest.php

diff --git a/src/BackpackServiceProvider.php b/src/BackpackServiceProvider.php
index dddcd142dd..d60b8aefaa 100644
--- a/src/BackpackServiceProvider.php
+++ b/src/BackpackServiceProvider.php
@@ -3,6 +3,7 @@
 namespace Backpack\CRUD;
 
 use Backpack\Basset\Facades\Basset;
+use Backpack\CRUD\app\Http\Middleware\EnsureEmailVerification;
 use Backpack\CRUD\app\Http\Middleware\ThrottlePasswordRecovery;
 use Backpack\CRUD\app\Library\CrudPanel\CrudPanel;
 use Backpack\CRUD\app\Library\Database\DatabaseSchema;
@@ -129,6 +130,25 @@ public function registerMiddlewareGroup(Router $router)
         if (config('backpack.base.setup_password_recovery_routes')) {
             $router->aliasMiddleware('backpack.throttle.password.recovery', ThrottlePasswordRecovery::class);
         }
+
+        // register the verified middleware in the backpack middleware group
+        // but only if functionality is enabled by developer in config
+        if (config('backpack.base.setup_email_verification_routes', false)) {
+            // developers that updated to 10.x but didn't add the aliases into their Kernel.php
+            // would get an error when trying to use the verified/signed middlewares
+            // we ensure they'r properly aliased if not previously set by developer
+            $routeMiddlewares = $router->getMiddleware();
+
+            if(! in_array('verified', array_keys($routeMiddlewares))) {
+                $router->aliasMiddleware('verified', \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class);
+            }
+            
+            if(! in_array('signed', array_keys($routeMiddlewares))) {
+                $router->aliasMiddleware('signed', \Illuminate\Routing\Middleware\ValidateSignature::class);
+            }
+
+            $router->pushMiddlewareToGroup($middleware_key, EnsureEmailVerification::class);
+        }
     }
 
     public function publishFiles()
diff --git a/src/app/Http/Controllers/Auth/VerifyEmailController.php b/src/app/Http/Controllers/Auth/VerifyEmailController.php
index 343fe620c9..97429a0424 100644
--- a/src/app/Http/Controllers/Auth/VerifyEmailController.php
+++ b/src/app/Http/Controllers/Auth/VerifyEmailController.php
@@ -2,15 +2,14 @@
 
 namespace Backpack\CRUD\app\Http\Controllers\Auth;
 
-use App\Http\Requests\Request;
-use Illuminate\Foundation\Auth\EmailVerificationRequest;
 use Illuminate\Routing\Controller;
+use Backpack\CRUD\app\Http\Requests\EmailVerificationRequest;
 use Prologue\Alerts\Facades\Alert;
+use Illuminate\Http\Request;
 
 class VerifyEmailController extends Controller
 {
     public null|string $redirectTo = null;
-
     /**
      * Create a new controller instance.
      *
@@ -20,16 +19,16 @@ public function __construct()
     {
         $this->middleware(backpack_middleware());
         $this->middleware('signed')->only('verifyEmail');
-        $this->middleware('throttle:6,1')->only('resendVerificationEmail');
+        $this->middleware('throttle:'.config('backpack.base.email_verification_throttle_access'))->only('resendVerificationEmail');
 
         if (! backpack_users_have_email()) {
-            abort(501, trans('backpack::base.no_email_column'));
+            abort(500, trans('backpack::base.no_email_column'));
         }
         // where to redirect after the email is verified
         $this->redirectTo = property_exists($this, 'redirectTo') && $this->redirectTo ? $this->redirectTo : backpack_url('dashboard');
     }
 
-    public function emailVerificationRequired()
+    public function emailVerificationRequired() : \Illuminate\Contracts\View\View
     {
         return view(backpack_view('auth.verify-email'));
     }
@@ -39,7 +38,7 @@ public function emailVerificationRequired()
      *
      * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
      */
-    public function verifyEmail(EmailVerificationRequest $request)
+    public function verifyEmail(EmailVerificationRequest $request) 
     {
         $request->fulfill();
 
@@ -49,12 +48,12 @@ public function verifyEmail(EmailVerificationRequest $request)
     /**
      * Resend the email verification notification.
      */
-    public function resendVerificationEmail(Request $request): \Illuminate\Http\RedirectResponse
+    public function resendVerificationEmail(Request $request) : \Illuminate\Http\RedirectResponse
     {
         $request->user(backpack_guard_name())->sendEmailVerificationNotification();
-
+        
         Alert::success('Email verification link sent successfully.')->flash();
 
-        return back()->with('status', 'verification-link-sent');
+        return back()->with('status', 'verification-link-sent');  
     }
-}
+}
\ No newline at end of file
diff --git a/src/app/Http/Controllers/CrudController.php b/src/app/Http/Controllers/CrudController.php
index e89c75349f..7c103fa518 100644
--- a/src/app/Http/Controllers/CrudController.php
+++ b/src/app/Http/Controllers/CrudController.php
@@ -23,10 +23,6 @@ public function __construct()
             return;
         }
 
-        if (config('backpack.base.setup_veryfy_email_routes', false)) {
-            $this->middleware('verified');
-        }
-
         // ---------------------------
         // Create the CrudPanel object
         // ---------------------------
diff --git a/src/app/Http/Middleware/EnsureEmailVerification.php b/src/app/Http/Middleware/EnsureEmailVerification.php
new file mode 100644
index 0000000000..cce53f16b2
--- /dev/null
+++ b/src/app/Http/Middleware/EnsureEmailVerification.php
@@ -0,0 +1,30 @@
+<?php
+
+namespace Backpack\CRUD\app\Http\Middleware;
+
+use Closure;
+
+class EnsureEmailVerification
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        // if the route name is not one of the verification process, run the verification middleware
+        if (!in_array($request->route()->getName(), ['verification.notice', 'verification.verify', 'verification.send'])) {
+            // the Laravel middleware needs the user resolver to be set with the backpack guard
+            $userResolver = $request->getUserResolver();
+            $request->setUserResolver(function () use ($userResolver) {
+                return $userResolver(backpack_guard_name());
+            });
+            $verifiedMiddleware = new (app('router')->getMiddleware()['verified'])();
+            return $verifiedMiddleware->handle($request, $next);
+        }
+        return $next($request);
+    }
+}
diff --git a/src/app/Http/Requests/EmailVerificationRequest.php b/src/app/Http/Requests/EmailVerificationRequest.php
new file mode 100644
index 0000000000..665287e635
--- /dev/null
+++ b/src/app/Http/Requests/EmailVerificationRequest.php
@@ -0,0 +1,14 @@
+<?php
+
+namespace Backpack\CRUD\app\Http\Requests;
+
+use Illuminate\Foundation\Auth\EmailVerificationRequest as OriginalEmailVerificationRequest;
+
+class EmailVerificationRequest extends OriginalEmailVerificationRequest
+{
+    
+    public function user($guard = null)
+    {
+        return parent::user(backpack_guard_name());
+    }
+}
\ No newline at end of file
diff --git a/src/config/backpack/base.php b/src/config/backpack/base.php
index 75c18e6d09..b993afdc96 100644
--- a/src/config/backpack/base.php
+++ b/src/config/backpack/base.php
@@ -63,6 +63,11 @@
     // https://laravel.com/docs/10.x/verification#database-preparation
     'setup_email_verification_routes' => false,
 
+    // How many times in any given time period should the user be allowed to
+    // request a new verification email?
+    // Defaults to 1,10 - 1 time in 10 minutes.
+    'email_verification_throttle_access' => '2,10',
+
     /*
     |--------------------------------------------------------------------------
     | Security
diff --git a/src/resources/lang/en/base.php b/src/resources/lang/en/base.php
index 99a0ec9cbb..0aff9d2d5d 100644
--- a/src/resources/lang/en/base.php
+++ b/src/resources/lang/en/base.php
@@ -85,4 +85,10 @@
     'throttled'            => 'You have already requested a password reset recently. Please check your email. If you do not receive our email, please retry later.',
     'throttled_request'    => 'You have exceeded the limit of tries. Please wait a few minutes and try again.',
 
+    'verify_email' => [
+        'verification_link_sent' => 'A new verification link has been sent to the email address you provided during registration.',
+        'email_verification_required' => 'Thanks for signing up! Before getting started, could you verify your email address by clicking on the link we just emailed to you? If you didn\'t receive the email, we will gladly send you another.',
+        'resend_verification_link' => 'Resend verification link',
+        'email_subject'   => 'Verify your email address',
+    ]
 ];
diff --git a/src/routes/backpack/base.php b/src/routes/backpack/base.php
index f8c2eebe16..edcca8da0f 100644
--- a/src/routes/backpack/base.php
+++ b/src/routes/backpack/base.php
@@ -40,9 +40,9 @@ function () {
             }
 
             if (config('backpack.base.setup_email_verification_routes', false)) {
-                Route::get('email/verify', 'VerifyEmailController@emailVerificationRequired')->name('verification.notice');
-                Route::get('email/verify/{id}/{hash}', 'VerifyEmailController@verifyEmail')->middleware('signed')->name('verification.verify');
-                Route::post('email/verification-notification', 'VerifyEmailController@resendVerificationEmail')->name('verification.send');
+                Route::get('email/verify', 'Auth\VerifyEmailController@emailVerificationRequired')->name('verification.notice');
+                Route::get('email/verify/{id}/{hash}', 'Auth\VerifyEmailController@verifyEmail')->name('verification.verify');
+                Route::post('email/verification-notification', 'Auth\VerifyEmailController@resendVerificationEmail')->name('verification.send');
             }
         }
 

From 2f86b6efb70a5b351448d7253178cef6a2fbd011 Mon Sep 17 00:00:00 2001
From: StyleCI Bot <bot@styleci.io>
Date: Tue, 29 Aug 2023 14:09:42 +0000
Subject: [PATCH 04/27] Apply fixes from StyleCI

[ci skip] [skip ci]
---
 src/BackpackServiceProvider.php                 |  6 +++---
 .../Controllers/Auth/VerifyEmailController.php  | 17 +++++++++--------
 .../Http/Middleware/EnsureEmailVerification.php |  4 +++-
 .../Http/Requests/EmailVerificationRequest.php  |  3 +--
 src/resources/lang/en/base.php                  |  2 +-
 5 files changed, 17 insertions(+), 15 deletions(-)

diff --git a/src/BackpackServiceProvider.php b/src/BackpackServiceProvider.php
index d60b8aefaa..555827eb41 100644
--- a/src/BackpackServiceProvider.php
+++ b/src/BackpackServiceProvider.php
@@ -139,11 +139,11 @@ public function registerMiddlewareGroup(Router $router)
             // we ensure they'r properly aliased if not previously set by developer
             $routeMiddlewares = $router->getMiddleware();
 
-            if(! in_array('verified', array_keys($routeMiddlewares))) {
+            if (! in_array('verified', array_keys($routeMiddlewares))) {
                 $router->aliasMiddleware('verified', \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class);
             }
-            
-            if(! in_array('signed', array_keys($routeMiddlewares))) {
+
+            if (! in_array('signed', array_keys($routeMiddlewares))) {
                 $router->aliasMiddleware('signed', \Illuminate\Routing\Middleware\ValidateSignature::class);
             }
 
diff --git a/src/app/Http/Controllers/Auth/VerifyEmailController.php b/src/app/Http/Controllers/Auth/VerifyEmailController.php
index 97429a0424..811395ea87 100644
--- a/src/app/Http/Controllers/Auth/VerifyEmailController.php
+++ b/src/app/Http/Controllers/Auth/VerifyEmailController.php
@@ -2,14 +2,15 @@
 
 namespace Backpack\CRUD\app\Http\Controllers\Auth;
 
-use Illuminate\Routing\Controller;
 use Backpack\CRUD\app\Http\Requests\EmailVerificationRequest;
-use Prologue\Alerts\Facades\Alert;
 use Illuminate\Http\Request;
+use Illuminate\Routing\Controller;
+use Prologue\Alerts\Facades\Alert;
 
 class VerifyEmailController extends Controller
 {
     public null|string $redirectTo = null;
+
     /**
      * Create a new controller instance.
      *
@@ -28,7 +29,7 @@ public function __construct()
         $this->redirectTo = property_exists($this, 'redirectTo') && $this->redirectTo ? $this->redirectTo : backpack_url('dashboard');
     }
 
-    public function emailVerificationRequired() : \Illuminate\Contracts\View\View
+    public function emailVerificationRequired(): \Illuminate\Contracts\View\View
     {
         return view(backpack_view('auth.verify-email'));
     }
@@ -38,7 +39,7 @@ public function emailVerificationRequired() : \Illuminate\Contracts\View\View
      *
      * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
      */
-    public function verifyEmail(EmailVerificationRequest $request) 
+    public function verifyEmail(EmailVerificationRequest $request)
     {
         $request->fulfill();
 
@@ -48,12 +49,12 @@ public function verifyEmail(EmailVerificationRequest $request)
     /**
      * Resend the email verification notification.
      */
-    public function resendVerificationEmail(Request $request) : \Illuminate\Http\RedirectResponse
+    public function resendVerificationEmail(Request $request): \Illuminate\Http\RedirectResponse
     {
         $request->user(backpack_guard_name())->sendEmailVerificationNotification();
-        
+
         Alert::success('Email verification link sent successfully.')->flash();
 
-        return back()->with('status', 'verification-link-sent');  
+        return back()->with('status', 'verification-link-sent');
     }
-}
\ No newline at end of file
+}
diff --git a/src/app/Http/Middleware/EnsureEmailVerification.php b/src/app/Http/Middleware/EnsureEmailVerification.php
index cce53f16b2..2e18199c0a 100644
--- a/src/app/Http/Middleware/EnsureEmailVerification.php
+++ b/src/app/Http/Middleware/EnsureEmailVerification.php
@@ -16,15 +16,17 @@ class EnsureEmailVerification
     public function handle($request, Closure $next)
     {
         // if the route name is not one of the verification process, run the verification middleware
-        if (!in_array($request->route()->getName(), ['verification.notice', 'verification.verify', 'verification.send'])) {
+        if (! in_array($request->route()->getName(), ['verification.notice', 'verification.verify', 'verification.send'])) {
             // the Laravel middleware needs the user resolver to be set with the backpack guard
             $userResolver = $request->getUserResolver();
             $request->setUserResolver(function () use ($userResolver) {
                 return $userResolver(backpack_guard_name());
             });
             $verifiedMiddleware = new (app('router')->getMiddleware()['verified'])();
+
             return $verifiedMiddleware->handle($request, $next);
         }
+
         return $next($request);
     }
 }
diff --git a/src/app/Http/Requests/EmailVerificationRequest.php b/src/app/Http/Requests/EmailVerificationRequest.php
index 665287e635..d1539f625a 100644
--- a/src/app/Http/Requests/EmailVerificationRequest.php
+++ b/src/app/Http/Requests/EmailVerificationRequest.php
@@ -6,9 +6,8 @@
 
 class EmailVerificationRequest extends OriginalEmailVerificationRequest
 {
-    
     public function user($guard = null)
     {
         return parent::user(backpack_guard_name());
     }
-}
\ No newline at end of file
+}
diff --git a/src/resources/lang/en/base.php b/src/resources/lang/en/base.php
index 0aff9d2d5d..179119a985 100644
--- a/src/resources/lang/en/base.php
+++ b/src/resources/lang/en/base.php
@@ -90,5 +90,5 @@
         'email_verification_required' => 'Thanks for signing up! Before getting started, could you verify your email address by clicking on the link we just emailed to you? If you didn\'t receive the email, we will gladly send you another.',
         'resend_verification_link' => 'Resend verification link',
         'email_subject'   => 'Verify your email address',
-    ]
+    ],
 ];

From 5e83e25ef3611396f45c89fabfe1cd17b4a36673 Mon Sep 17 00:00:00 2001
From: Pedro Martins <pxpm88@gmail.com>
Date: Tue, 29 Aug 2023 15:41:06 +0100
Subject: [PATCH 05/27] Update
 src/app/Http/Controllers/Auth/VerifyEmailController.php

---
 src/app/Http/Controllers/Auth/VerifyEmailController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/app/Http/Controllers/Auth/VerifyEmailController.php b/src/app/Http/Controllers/Auth/VerifyEmailController.php
index 811395ea87..2a0f848150 100644
--- a/src/app/Http/Controllers/Auth/VerifyEmailController.php
+++ b/src/app/Http/Controllers/Auth/VerifyEmailController.php
@@ -26,7 +26,7 @@ public function __construct()
             abort(500, trans('backpack::base.no_email_column'));
         }
         // where to redirect after the email is verified
-        $this->redirectTo = property_exists($this, 'redirectTo') && $this->redirectTo ? $this->redirectTo : backpack_url('dashboard');
+        $this->redirectTo = $this->redirectTo !== null ? $this->redirectTo : backpack_url('dashboard');
     }
 
     public function emailVerificationRequired(): \Illuminate\Contracts\View\View

From 84969dac45c816685421cace111f5fa563008e6e Mon Sep 17 00:00:00 2001
From: Pedro Martins <pxpm88@gmail.com>
Date: Tue, 29 Aug 2023 17:07:08 +0100
Subject: [PATCH 06/27] Update src/config/backpack/base.php

---
 src/config/backpack/base.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/config/backpack/base.php b/src/config/backpack/base.php
index b993afdc96..404e053aa9 100644
--- a/src/config/backpack/base.php
+++ b/src/config/backpack/base.php
@@ -59,8 +59,7 @@
     // Set this to true if you would like to enable email verification for your Authenticable model.
     // Make sure your Authenticable model implements the MustVerifyEmail contract and your
     // database table contains the email_verified_at column.
-    // https://laravel.com/docs/10.x/verification#model-preparation
-    // https://laravel.com/docs/10.x/verification#database-preparation
+    // https://backpackforlaravel.com/docs/6.x/base-how-to#enable-email-verification-in-backpack-routes
     'setup_email_verification_routes' => false,
 
     // How many times in any given time period should the user be allowed to

From 99de011295471c7b3020c9b98a5ef1440e6ea1e5 Mon Sep 17 00:00:00 2001
From: Pedro Martins <pxpm88@gmail.com>
Date: Tue, 29 Aug 2023 21:15:12 +0100
Subject: [PATCH 07/27] Update src/resources/lang/en/base.php
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: Cristian Tăbăcitu <cristitabacitu@gmail.com>
---
 src/resources/lang/en/base.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/resources/lang/en/base.php b/src/resources/lang/en/base.php
index 179119a985..b52b94f083 100644
--- a/src/resources/lang/en/base.php
+++ b/src/resources/lang/en/base.php
@@ -87,7 +87,7 @@
 
     'verify_email' => [
         'verification_link_sent' => 'A new verification link has been sent to the email address you provided during registration.',
-        'email_verification_required' => 'Thanks for signing up! Before getting started, could you verify your email address by clicking on the link we just emailed to you? If you didn\'t receive the email, we will gladly send you another.',
+        'email_verification_required' => 'Please verify your email address, by clicking on the link we\'ve sent you.',
         'resend_verification_link' => 'Resend verification link',
         'email_subject'   => 'Verify your email address',
     ],

From f75314ca4a1dd4d955905a0e2253d98d0daf7dbb Mon Sep 17 00:00:00 2001
From: Pedro Martins <pxpm88@gmail.com>
Date: Tue, 29 Aug 2023 21:15:42 +0100
Subject: [PATCH 08/27] Update src/resources/lang/en/base.php
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: Cristian Tăbăcitu <cristitabacitu@gmail.com>
---
 src/resources/lang/en/base.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/resources/lang/en/base.php b/src/resources/lang/en/base.php
index b52b94f083..c581848332 100644
--- a/src/resources/lang/en/base.php
+++ b/src/resources/lang/en/base.php
@@ -86,7 +86,7 @@
     'throttled_request'    => 'You have exceeded the limit of tries. Please wait a few minutes and try again.',
 
     'verify_email' => [
-        'verification_link_sent' => 'A new verification link has been sent to the email address you provided during registration.',
+        'verification_link_sent' => 'A verification link has been sent to your email address.',
         'email_verification_required' => 'Please verify your email address, by clicking on the link we\'ve sent you.',
         'resend_verification_link' => 'Resend verification link',
         'email_subject'   => 'Verify your email address',

From 14ee78ebc169368af9b3e4a92534d09bd10c9cdc Mon Sep 17 00:00:00 2001
From: Pedro X <pxpm88@gmail.com>
Date: Tue, 29 Aug 2023 22:07:37 +0100
Subject: [PATCH 09/27] dont alias signed and verified middlewares

---
 src/BackpackServiceProvider.php | 16 +---------------
 1 file changed, 1 insertion(+), 15 deletions(-)

diff --git a/src/BackpackServiceProvider.php b/src/BackpackServiceProvider.php
index 555827eb41..9b1d37d5d7 100644
--- a/src/BackpackServiceProvider.php
+++ b/src/BackpackServiceProvider.php
@@ -131,22 +131,8 @@ public function registerMiddlewareGroup(Router $router)
             $router->aliasMiddleware('backpack.throttle.password.recovery', ThrottlePasswordRecovery::class);
         }
 
-        // register the verified middleware in the backpack middleware group
-        // but only if functionality is enabled by developer in config
+        // register the email verification middleware, if the developer the config is enabled
         if (config('backpack.base.setup_email_verification_routes', false)) {
-            // developers that updated to 10.x but didn't add the aliases into their Kernel.php
-            // would get an error when trying to use the verified/signed middlewares
-            // we ensure they'r properly aliased if not previously set by developer
-            $routeMiddlewares = $router->getMiddleware();
-
-            if (! in_array('verified', array_keys($routeMiddlewares))) {
-                $router->aliasMiddleware('verified', \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class);
-            }
-
-            if (! in_array('signed', array_keys($routeMiddlewares))) {
-                $router->aliasMiddleware('signed', \Illuminate\Routing\Middleware\ValidateSignature::class);
-            }
-
             $router->pushMiddlewareToGroup($middleware_key, EnsureEmailVerification::class);
         }
     }

From cd092b7b584d6b1ce077c301d44cf90ede5e14c6 Mon Sep 17 00:00:00 2001
From: Pedro X <pxpm88@gmail.com>
Date: Tue, 29 Aug 2023 22:31:53 +0100
Subject: [PATCH 10/27] small fixes

---
 src/config/backpack/base.php   | 2 +-
 src/resources/lang/en/base.php | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/config/backpack/base.php b/src/config/backpack/base.php
index 404e053aa9..2a557ace46 100644
--- a/src/config/backpack/base.php
+++ b/src/config/backpack/base.php
@@ -65,7 +65,7 @@
     // How many times in any given time period should the user be allowed to
     // request a new verification email?
     // Defaults to 1,10 - 1 time in 10 minutes.
-    'email_verification_throttle_access' => '2,10',
+    'email_verification_throttle_access' => '1,10',
 
     /*
     |--------------------------------------------------------------------------
diff --git a/src/resources/lang/en/base.php b/src/resources/lang/en/base.php
index c581848332..18e585dfba 100644
--- a/src/resources/lang/en/base.php
+++ b/src/resources/lang/en/base.php
@@ -86,9 +86,9 @@
     'throttled_request'    => 'You have exceeded the limit of tries. Please wait a few minutes and try again.',
 
     'verify_email' => [
+        'email_verification' => 'Email Verification',
         'verification_link_sent' => 'A verification link has been sent to your email address.',
         'email_verification_required' => 'Please verify your email address, by clicking on the link we\'ve sent you.',
-        'resend_verification_link' => 'Resend verification link',
-        'email_subject'   => 'Verify your email address',
+        'resend_verification_link' => 'Resend link',
     ],
 ];

From fa361819245a6ce603d64753be68974ebaab3fee Mon Sep 17 00:00:00 2001
From: Pedro X <pxpm88@gmail.com>
Date: Wed, 30 Aug 2023 15:11:06 +0100
Subject: [PATCH 11/27] add verification to middleware aliases

---
 .../Http/Controllers/Auth/VerifyEmailController.php   | 11 ++++++++++-
 src/app/Http/Middleware/EnsureEmailVerification.php   |  9 +++++++--
 src/resources/views/ui/errors/layout.blade.php        |  9 +++++++--
 3 files changed, 24 insertions(+), 5 deletions(-)

diff --git a/src/app/Http/Controllers/Auth/VerifyEmailController.php b/src/app/Http/Controllers/Auth/VerifyEmailController.php
index 2a0f848150..e866ef5f30 100644
--- a/src/app/Http/Controllers/Auth/VerifyEmailController.php
+++ b/src/app/Http/Controllers/Auth/VerifyEmailController.php
@@ -6,6 +6,8 @@
 use Illuminate\Http\Request;
 use Illuminate\Routing\Controller;
 use Prologue\Alerts\Facades\Alert;
+use Throwable;
+use Exception;
 
 class VerifyEmailController extends Controller
 {
@@ -19,7 +21,14 @@ class VerifyEmailController extends Controller
     public function __construct()
     {
         $this->middleware(backpack_middleware());
-        $this->middleware('signed')->only('verifyEmail');
+
+        try {
+            $signedMiddleware = new (app('router')->getMiddleware()['signed'])();
+        }catch(Throwable) {
+            throw new Exception('Missing "signed" alias middleware in App/Http/Kernel.php. More info: https://backpackforlaravel.com/docs/6.x/base-how-to#enable-email-verification-in-backpack-routes');
+        }
+
+        $this->middleware($signedMiddleware)->only('verifyEmail');
         $this->middleware('throttle:'.config('backpack.base.email_verification_throttle_access'))->only('resendVerificationEmail');
 
         if (! backpack_users_have_email()) {
diff --git a/src/app/Http/Middleware/EnsureEmailVerification.php b/src/app/Http/Middleware/EnsureEmailVerification.php
index 2e18199c0a..31437d4143 100644
--- a/src/app/Http/Middleware/EnsureEmailVerification.php
+++ b/src/app/Http/Middleware/EnsureEmailVerification.php
@@ -3,6 +3,8 @@
 namespace Backpack\CRUD\app\Http\Middleware;
 
 use Closure;
+use Exception; 
+use Throwable;
 
 class EnsureEmailVerification
 {
@@ -22,8 +24,11 @@ public function handle($request, Closure $next)
             $request->setUserResolver(function () use ($userResolver) {
                 return $userResolver(backpack_guard_name());
             });
-            $verifiedMiddleware = new (app('router')->getMiddleware()['verified'])();
-
+            try {
+                $verifiedMiddleware = new (app('router')->getMiddleware()['verified'])();
+            }catch(Throwable) {
+                throw new Exception('Missing "verified" alias middleware in App/Http/Kernel.php. More info: https://backpackforlaravel.com/docs/6.x/base-how-to#enable-email-verification-in-backpack-routes');
+            }
             return $verifiedMiddleware->handle($request, $next);
         }
 
diff --git a/src/resources/views/ui/errors/layout.blade.php b/src/resources/views/ui/errors/layout.blade.php
index 7ce60b3fca..1374bb90ad 100644
--- a/src/resources/views/ui/errors/layout.blade.php
+++ b/src/resources/views/ui/errors/layout.blade.php
@@ -1,5 +1,10 @@
-@extends(backpack_view(backpack_user() && backpack_theme_config('layout') ? 'layouts.'.backpack_theme_config('layout') : 'errors.blank'))
+@php
+  // check if user is logged in and verified
+  $isLoggedInAndVerified = backpack_user() && (config('backpack.base.setup_email_verification_routes', false) ? backpack_user()->hasVerifiedEmail() : true);
+@endphp
+
 {{-- show error using sidebar layout if looged in AND on an admin page; otherwise use a blank page --}}
+@extends(backpack_view($isLoggedInAndVerified && backpack_theme_config('layout') ? 'layouts.'.backpack_theme_config('layout') : 'errors.blank'))
 
 @section('content')
 <div class="row">
@@ -12,7 +17,7 @@
     <div class="error_title text-muted">
       @yield('title')
     </div>
-    @if(backpack_user())
+    @if($isLoggedInAndVerified)
     <div class="error_description text-muted">
       <small>
         @yield('description')

From 52c1341a9478721b505d0ba558faa0b8d204e027 Mon Sep 17 00:00:00 2001
From: StyleCI Bot <bot@styleci.io>
Date: Wed, 30 Aug 2023 14:11:21 +0000
Subject: [PATCH 12/27] Apply fixes from StyleCI

[ci skip] [skip ci]
---
 src/app/Http/Controllers/Auth/VerifyEmailController.php | 4 ++--
 src/app/Http/Middleware/EnsureEmailVerification.php     | 5 +++--
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/app/Http/Controllers/Auth/VerifyEmailController.php b/src/app/Http/Controllers/Auth/VerifyEmailController.php
index e866ef5f30..05013be02d 100644
--- a/src/app/Http/Controllers/Auth/VerifyEmailController.php
+++ b/src/app/Http/Controllers/Auth/VerifyEmailController.php
@@ -3,11 +3,11 @@
 namespace Backpack\CRUD\app\Http\Controllers\Auth;
 
 use Backpack\CRUD\app\Http\Requests\EmailVerificationRequest;
+use Exception;
 use Illuminate\Http\Request;
 use Illuminate\Routing\Controller;
 use Prologue\Alerts\Facades\Alert;
 use Throwable;
-use Exception;
 
 class VerifyEmailController extends Controller
 {
@@ -24,7 +24,7 @@ public function __construct()
 
         try {
             $signedMiddleware = new (app('router')->getMiddleware()['signed'])();
-        }catch(Throwable) {
+        } catch(Throwable) {
             throw new Exception('Missing "signed" alias middleware in App/Http/Kernel.php. More info: https://backpackforlaravel.com/docs/6.x/base-how-to#enable-email-verification-in-backpack-routes');
         }
 
diff --git a/src/app/Http/Middleware/EnsureEmailVerification.php b/src/app/Http/Middleware/EnsureEmailVerification.php
index 31437d4143..53eb8a71b8 100644
--- a/src/app/Http/Middleware/EnsureEmailVerification.php
+++ b/src/app/Http/Middleware/EnsureEmailVerification.php
@@ -3,7 +3,7 @@
 namespace Backpack\CRUD\app\Http\Middleware;
 
 use Closure;
-use Exception; 
+use Exception;
 use Throwable;
 
 class EnsureEmailVerification
@@ -26,9 +26,10 @@ public function handle($request, Closure $next)
             });
             try {
                 $verifiedMiddleware = new (app('router')->getMiddleware()['verified'])();
-            }catch(Throwable) {
+            } catch(Throwable) {
                 throw new Exception('Missing "verified" alias middleware in App/Http/Kernel.php. More info: https://backpackforlaravel.com/docs/6.x/base-how-to#enable-email-verification-in-backpack-routes');
             }
+
             return $verifiedMiddleware->handle($request, $next);
         }
 

From 15fe548376407f2ce0bf5296fa8f55e486aec5d7 Mon Sep 17 00:00:00 2001
From: Pedro X <pxpm88@gmail.com>
Date: Wed, 30 Aug 2023 18:31:38 +0100
Subject: [PATCH 13/27] fixes

---
 src/BackpackServiceProvider.php               |  4 +-
 .../Controllers/Auth/RegisterController.php   |  8 ++--
 .../Auth/VerifyEmailController.php            | 44 +++++++++++++++----
 .../Requests/EmailVerificationRequest.php     | 11 ++++-
 src/app/Library/Auth/AuthenticatesUsers.php   | 13 ++++++
 src/config/backpack/base.php                  | 11 +++--
 .../views/ui/errors/layout.blade.php          | 11 ++---
 7 files changed, 76 insertions(+), 26 deletions(-)

diff --git a/src/BackpackServiceProvider.php b/src/BackpackServiceProvider.php
index 9b1d37d5d7..9e6c42e93a 100644
--- a/src/BackpackServiceProvider.php
+++ b/src/BackpackServiceProvider.php
@@ -131,8 +131,8 @@ public function registerMiddlewareGroup(Router $router)
             $router->aliasMiddleware('backpack.throttle.password.recovery', ThrottlePasswordRecovery::class);
         }
 
-        // register the email verification middleware, if the developer the config is enabled
-        if (config('backpack.base.setup_email_verification_routes', false)) {
+        // register the email verification middleware, if the developer enabled it in the config.
+        if (config('backpack.base.setup_email_verification_routes', false) && config('backpack.base.add_verified_to_backpack_middleware', true)) {
             $router->pushMiddlewareToGroup($middleware_key, EnsureEmailVerification::class);
         }
     }
diff --git a/src/app/Http/Controllers/Auth/RegisterController.php b/src/app/Http/Controllers/Auth/RegisterController.php
index ea78890b47..27b8f965a7 100644
--- a/src/app/Http/Controllers/Auth/RegisterController.php
+++ b/src/app/Http/Controllers/Auth/RegisterController.php
@@ -6,6 +6,7 @@
 use Illuminate\Auth\Events\Registered;
 use Illuminate\Http\Request;
 use Illuminate\Routing\Controller;
+use Illuminate\Support\Facades\Cookie;
 use Illuminate\Support\Facades\Validator;
 
 class RegisterController extends Controller
@@ -113,12 +114,13 @@ public function register(Request $request)
         $user = $this->create($request->all());
 
         event(new Registered($user));
-        $this->guard()->login($user);
-
         if (config('backpack.base.setup_email_verification_routes')) {
-            return view(backpack_view('auth.verify_email'));
+            Cookie::queue('backpack_email_verification', $user->{config('backpack.base.email_column')}, 30);
+            return redirect(route('verification.notice'));
         }
 
+        $this->guard()->login($user);
+
         return redirect($this->redirectPath());
     }
 
diff --git a/src/app/Http/Controllers/Auth/VerifyEmailController.php b/src/app/Http/Controllers/Auth/VerifyEmailController.php
index e866ef5f30..9e3895a34c 100644
--- a/src/app/Http/Controllers/Auth/VerifyEmailController.php
+++ b/src/app/Http/Controllers/Auth/VerifyEmailController.php
@@ -6,8 +6,8 @@
 use Illuminate\Http\Request;
 use Illuminate\Routing\Controller;
 use Prologue\Alerts\Facades\Alert;
-use Throwable;
 use Exception;
+use Illuminate\Support\Facades\Cookie;
 
 class VerifyEmailController extends Controller
 {
@@ -20,15 +20,11 @@ class VerifyEmailController extends Controller
      */
     public function __construct()
     {
-        $this->middleware(backpack_middleware());
-
-        try {
-            $signedMiddleware = new (app('router')->getMiddleware()['signed'])();
-        }catch(Throwable) {
+        if(! app('router')->getMiddleware()['signed'] ?? null) {
             throw new Exception('Missing "signed" alias middleware in App/Http/Kernel.php. More info: https://backpackforlaravel.com/docs/6.x/base-how-to#enable-email-verification-in-backpack-routes');
         }
 
-        $this->middleware($signedMiddleware)->only('verifyEmail');
+        $this->middleware('signed')->only('verifyEmail');
         $this->middleware('throttle:'.config('backpack.base.email_verification_throttle_access'))->only('resendVerificationEmail');
 
         if (! backpack_users_have_email()) {
@@ -38,8 +34,14 @@ public function __construct()
         $this->redirectTo = $this->redirectTo !== null ? $this->redirectTo : backpack_url('dashboard');
     }
 
-    public function emailVerificationRequired(): \Illuminate\Contracts\View\View
+    public function emailVerificationRequired(): \Illuminate\Contracts\View\View|\Illuminate\Http\RedirectResponse
     {
+        $user = $this->getUserFromCookie();
+
+        if (! $user) {
+            return redirect()->route('backpack.auth.login');
+        }
+
         return view(backpack_view('auth.verify-email'));
     }
 
@@ -50,6 +52,12 @@ public function emailVerificationRequired(): \Illuminate\Contracts\View\View
      */
     public function verifyEmail(EmailVerificationRequest $request)
     {
+        $user = $this->getUser($request);
+
+        if (! $user) {
+            return redirect()->route('backpack.auth.login');
+        }
+
         $request->fulfill();
 
         return redirect($this->redirectTo);
@@ -60,10 +68,28 @@ public function verifyEmail(EmailVerificationRequest $request)
      */
     public function resendVerificationEmail(Request $request): \Illuminate\Http\RedirectResponse
     {
-        $request->user(backpack_guard_name())->sendEmailVerificationNotification();
+        $user = $this->getUser($request);
 
+        if(! $user) {
+            return redirect()->route('backpack.auth.login');
+        }
+            
+        $user->sendEmailVerificationNotification();
         Alert::success('Email verification link sent successfully.')->flash();
 
         return back()->with('status', 'verification-link-sent');
     }
+
+    private function getUser(Request $request): ?\Illuminate\Contracts\Auth\MustVerifyEmail
+    {
+        return $request->user(backpack_guard_name()) ?? $this->getUserFromCookie();
+    }
+    
+    private function getUserFromCookie(): ?\Illuminate\Contracts\Auth\MustVerifyEmail
+    {
+        if (Cookie::has('backpack_email_verification')) {
+            return config('backpack.base.user_model_fqn')::where('email', Cookie::get('backpack_email_verification'))->first();
+        }
+        return null;
+    }
 }
diff --git a/src/app/Http/Requests/EmailVerificationRequest.php b/src/app/Http/Requests/EmailVerificationRequest.php
index d1539f625a..224633db94 100644
--- a/src/app/Http/Requests/EmailVerificationRequest.php
+++ b/src/app/Http/Requests/EmailVerificationRequest.php
@@ -3,11 +3,20 @@
 namespace Backpack\CRUD\app\Http\Requests;
 
 use Illuminate\Foundation\Auth\EmailVerificationRequest as OriginalEmailVerificationRequest;
+use Illuminate\Support\Facades\Cookie;
 
 class EmailVerificationRequest extends OriginalEmailVerificationRequest
 {
     public function user($guard = null)
     {
-        return parent::user(backpack_guard_name());
+        return parent::user(backpack_guard_name()) ?? $this->getUserFromCookie();
+    }
+
+    private function getUserFromCookie()
+    {
+        if (Cookie::has('backpack_email_verification')) {
+            return config('backpack.base.user_model_fqn')::where('email', Cookie::get('backpack_email_verification'))->first();
+        }
+        return null;
     }
 }
diff --git a/src/app/Library/Auth/AuthenticatesUsers.php b/src/app/Library/Auth/AuthenticatesUsers.php
index a607d00d66..36821586b0 100644
--- a/src/app/Library/Auth/AuthenticatesUsers.php
+++ b/src/app/Library/Auth/AuthenticatesUsers.php
@@ -6,6 +6,7 @@
 use Illuminate\Http\Response;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Validation\ValidationException;
+use Illuminate\Support\Facades\Cookie;
 
 trait AuthenticatesUsers
 {
@@ -47,6 +48,18 @@ public function login(Request $request)
         }
 
         if ($this->attemptLogin($request)) {
+            if (config('backpack.base.setup_email_verification_routes', false) ) {
+                $user = $this->guard()->user();
+                if ($user->email_verified_at) {
+                    return $this->sendLoginResponse($request);
+                } else {
+                    $this->guard()->logout();
+                    Cookie::queue('backpack_email_verification', $user->{config('backpack.base.email_column')}, 30);
+                    return $request->wantsJson()
+                        ? new Response('Email verification required', 403)
+                        : redirect(route('verification.notice'));
+                }
+            }
             return $this->sendLoginResponse($request);
         }
 
diff --git a/src/config/backpack/base.php b/src/config/backpack/base.php
index 2a557ace46..71ac0dfb35 100644
--- a/src/config/backpack/base.php
+++ b/src/config/backpack/base.php
@@ -56,11 +56,16 @@
     // (you then need to manually define the routes in your web.php)
     'setup_password_recovery_routes' => true,
 
-    // Set this to true if you would like to enable email verification for your Authenticable model.
-    // Make sure your Authenticable model implements the MustVerifyEmail contract and your
-    // database table contains the email_verified_at column.
+    // Set this to true if you would like to enable email verification for your user model.
+    // Make sure your user model implements the MustVerifyEmail contract and your database 
+    // table contains the `email_verified_at` column. Read the following before enabling:
     // https://backpackforlaravel.com/docs/6.x/base-how-to#enable-email-verification-in-backpack-routes
     'setup_email_verification_routes' => false,
+    
+    // We will automatically add the Verified middleware to the Backpack midleware group
+    // if you disable this you must manually add the verified route middleware to 
+    // the routes you would like to be accessed only by verified users.
+    'add_verified_to_backpack_middleware' => true,
 
     // How many times in any given time period should the user be allowed to
     // request a new verification email?
diff --git a/src/resources/views/ui/errors/layout.blade.php b/src/resources/views/ui/errors/layout.blade.php
index 1374bb90ad..39273768bb 100644
--- a/src/resources/views/ui/errors/layout.blade.php
+++ b/src/resources/views/ui/errors/layout.blade.php
@@ -1,10 +1,5 @@
-@php
-  // check if user is logged in and verified
-  $isLoggedInAndVerified = backpack_user() && (config('backpack.base.setup_email_verification_routes', false) ? backpack_user()->hasVerifiedEmail() : true);
-@endphp
-
-{{-- show error using sidebar layout if looged in AND on an admin page; otherwise use a blank page --}}
-@extends(backpack_view($isLoggedInAndVerified && backpack_theme_config('layout') ? 'layouts.'.backpack_theme_config('layout') : 'errors.blank'))
+{{-- show error using sidebar layout if logged in AND on an admin page; otherwise use a blank page --}}
+@extends(backpack_view(backpack_user() && backpack_theme_config('layout') ? 'layouts.'.backpack_theme_config('layout') : 'errors.blank'))
 
 @section('content')
 <div class="row">
@@ -17,7 +12,7 @@
     <div class="error_title text-muted">
       @yield('title')
     </div>
-    @if($isLoggedInAndVerified)
+    @if(backpack_user())
     <div class="error_description text-muted">
       <small>
         @yield('description')

From fbd760a398641c0255f24138f3934b8a44904266 Mon Sep 17 00:00:00 2001
From: StyleCI Bot <bot@styleci.io>
Date: Wed, 30 Aug 2023 17:32:51 +0000
Subject: [PATCH 14/27] Apply fixes from StyleCI

[ci skip] [skip ci]
---
 .../Http/Controllers/Auth/RegisterController.php    |  1 +
 .../Http/Controllers/Auth/VerifyEmailController.php | 13 +++++++------
 src/app/Http/Requests/EmailVerificationRequest.php  |  1 +
 src/app/Library/Auth/AuthenticatesUsers.php         |  6 ++++--
 src/config/backpack/base.php                        |  6 +++---
 5 files changed, 16 insertions(+), 11 deletions(-)

diff --git a/src/app/Http/Controllers/Auth/RegisterController.php b/src/app/Http/Controllers/Auth/RegisterController.php
index 27b8f965a7..e68e42e2cd 100644
--- a/src/app/Http/Controllers/Auth/RegisterController.php
+++ b/src/app/Http/Controllers/Auth/RegisterController.php
@@ -116,6 +116,7 @@ public function register(Request $request)
         event(new Registered($user));
         if (config('backpack.base.setup_email_verification_routes')) {
             Cookie::queue('backpack_email_verification', $user->{config('backpack.base.email_column')}, 30);
+
             return redirect(route('verification.notice'));
         }
 
diff --git a/src/app/Http/Controllers/Auth/VerifyEmailController.php b/src/app/Http/Controllers/Auth/VerifyEmailController.php
index a705b961de..f644f33166 100644
--- a/src/app/Http/Controllers/Auth/VerifyEmailController.php
+++ b/src/app/Http/Controllers/Auth/VerifyEmailController.php
@@ -4,11 +4,11 @@
 
 use Backpack\CRUD\app\Http\Requests\EmailVerificationRequest;
 use Exception;
+use Exception;
 use Illuminate\Http\Request;
 use Illuminate\Routing\Controller;
-use Prologue\Alerts\Facades\Alert;
-use Exception;
 use Illuminate\Support\Facades\Cookie;
+use Prologue\Alerts\Facades\Alert;
 
 class VerifyEmailController extends Controller
 {
@@ -21,7 +21,7 @@ class VerifyEmailController extends Controller
      */
     public function __construct()
     {
-        if(! app('router')->getMiddleware()['signed'] ?? null) {
+        if (! app('router')->getMiddleware()['signed'] ?? null) {
             throw new Exception('Missing "signed" alias middleware in App/Http/Kernel.php. More info: https://backpackforlaravel.com/docs/6.x/base-how-to#enable-email-verification-in-backpack-routes');
         }
 
@@ -71,10 +71,10 @@ public function resendVerificationEmail(Request $request): \Illuminate\Http\Redi
     {
         $user = $this->getUser($request);
 
-        if(! $user) {
+        if (! $user) {
             return redirect()->route('backpack.auth.login');
         }
-            
+
         $user->sendEmailVerificationNotification();
         Alert::success('Email verification link sent successfully.')->flash();
 
@@ -85,12 +85,13 @@ private function getUser(Request $request): ?\Illuminate\Contracts\Auth\MustVeri
     {
         return $request->user(backpack_guard_name()) ?? $this->getUserFromCookie();
     }
-    
+
     private function getUserFromCookie(): ?\Illuminate\Contracts\Auth\MustVerifyEmail
     {
         if (Cookie::has('backpack_email_verification')) {
             return config('backpack.base.user_model_fqn')::where('email', Cookie::get('backpack_email_verification'))->first();
         }
+
         return null;
     }
 }
diff --git a/src/app/Http/Requests/EmailVerificationRequest.php b/src/app/Http/Requests/EmailVerificationRequest.php
index 224633db94..2dd1daedc4 100644
--- a/src/app/Http/Requests/EmailVerificationRequest.php
+++ b/src/app/Http/Requests/EmailVerificationRequest.php
@@ -17,6 +17,7 @@ private function getUserFromCookie()
         if (Cookie::has('backpack_email_verification')) {
             return config('backpack.base.user_model_fqn')::where('email', Cookie::get('backpack_email_verification'))->first();
         }
+
         return null;
     }
 }
diff --git a/src/app/Library/Auth/AuthenticatesUsers.php b/src/app/Library/Auth/AuthenticatesUsers.php
index 36821586b0..98cf53fa63 100644
--- a/src/app/Library/Auth/AuthenticatesUsers.php
+++ b/src/app/Library/Auth/AuthenticatesUsers.php
@@ -5,8 +5,8 @@
 use Illuminate\Http\Request;
 use Illuminate\Http\Response;
 use Illuminate\Support\Facades\Auth;
-use Illuminate\Validation\ValidationException;
 use Illuminate\Support\Facades\Cookie;
+use Illuminate\Validation\ValidationException;
 
 trait AuthenticatesUsers
 {
@@ -48,18 +48,20 @@ public function login(Request $request)
         }
 
         if ($this->attemptLogin($request)) {
-            if (config('backpack.base.setup_email_verification_routes', false) ) {
+            if (config('backpack.base.setup_email_verification_routes', false)) {
                 $user = $this->guard()->user();
                 if ($user->email_verified_at) {
                     return $this->sendLoginResponse($request);
                 } else {
                     $this->guard()->logout();
                     Cookie::queue('backpack_email_verification', $user->{config('backpack.base.email_column')}, 30);
+
                     return $request->wantsJson()
                         ? new Response('Email verification required', 403)
                         : redirect(route('verification.notice'));
                 }
             }
+
             return $this->sendLoginResponse($request);
         }
 
diff --git a/src/config/backpack/base.php b/src/config/backpack/base.php
index 71ac0dfb35..23466add24 100644
--- a/src/config/backpack/base.php
+++ b/src/config/backpack/base.php
@@ -57,13 +57,13 @@
     'setup_password_recovery_routes' => true,
 
     // Set this to true if you would like to enable email verification for your user model.
-    // Make sure your user model implements the MustVerifyEmail contract and your database 
+    // Make sure your user model implements the MustVerifyEmail contract and your database
     // table contains the `email_verified_at` column. Read the following before enabling:
     // https://backpackforlaravel.com/docs/6.x/base-how-to#enable-email-verification-in-backpack-routes
     'setup_email_verification_routes' => false,
-    
+
     // We will automatically add the Verified middleware to the Backpack midleware group
-    // if you disable this you must manually add the verified route middleware to 
+    // if you disable this you must manually add the verified route middleware to
     // the routes you would like to be accessed only by verified users.
     'add_verified_to_backpack_middleware' => true,
 

From 1c36a61025de788a2a6279c70eb01ad339493306 Mon Sep 17 00:00:00 2001
From: Pedro Martins <pxpm88@gmail.com>
Date: Wed, 30 Aug 2023 21:19:43 +0100
Subject: [PATCH 15/27] Update
 src/app/Http/Controllers/Auth/VerifyEmailController.php
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: Cristian Tăbăcitu <cristitabacitu@gmail.com>
---
 src/app/Http/Controllers/Auth/VerifyEmailController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/app/Http/Controllers/Auth/VerifyEmailController.php b/src/app/Http/Controllers/Auth/VerifyEmailController.php
index f644f33166..75e77687e4 100644
--- a/src/app/Http/Controllers/Auth/VerifyEmailController.php
+++ b/src/app/Http/Controllers/Auth/VerifyEmailController.php
@@ -89,7 +89,7 @@ private function getUser(Request $request): ?\Illuminate\Contracts\Auth\MustVeri
     private function getUserFromCookie(): ?\Illuminate\Contracts\Auth\MustVerifyEmail
     {
         if (Cookie::has('backpack_email_verification')) {
-            return config('backpack.base.user_model_fqn')::where('email', Cookie::get('backpack_email_verification'))->first();
+            return config('backpack.base.user_model_fqn')::where(config('backpack.base.email_column'), Cookie::get('backpack_email_verification'))->first();
         }
 
         return null;

From 6e213304ca97db2ce554a3d167dcdc9a4be7861b Mon Sep 17 00:00:00 2001
From: Pedro X <pxpm88@gmail.com>
Date: Wed, 30 Aug 2023 21:46:39 +0100
Subject: [PATCH 16/27] add invokable

---
 .../Auth/VerifyEmailController.php            | 19 +++++--------------
 .../Requests/EmailVerificationRequest.php     | 13 ++-----------
 src/app/Library/Auth/UserFromCookie.php       | 16 ++++++++++++++++
 3 files changed, 23 insertions(+), 25 deletions(-)
 create mode 100644 src/app/Library/Auth/UserFromCookie.php

diff --git a/src/app/Http/Controllers/Auth/VerifyEmailController.php b/src/app/Http/Controllers/Auth/VerifyEmailController.php
index 75e77687e4..3f515aa999 100644
--- a/src/app/Http/Controllers/Auth/VerifyEmailController.php
+++ b/src/app/Http/Controllers/Auth/VerifyEmailController.php
@@ -3,11 +3,11 @@
 namespace Backpack\CRUD\app\Http\Controllers\Auth;
 
 use Backpack\CRUD\app\Http\Requests\EmailVerificationRequest;
+use Backpack\CRUD\app\Library\Auth\UserFromCookie;
 use Exception;
 use Exception;
 use Illuminate\Http\Request;
 use Illuminate\Routing\Controller;
-use Illuminate\Support\Facades\Cookie;
 use Prologue\Alerts\Facades\Alert;
 
 class VerifyEmailController extends Controller
@@ -35,10 +35,10 @@ public function __construct()
         $this->redirectTo = $this->redirectTo !== null ? $this->redirectTo : backpack_url('dashboard');
     }
 
-    public function emailVerificationRequired(): \Illuminate\Contracts\View\View|\Illuminate\Http\RedirectResponse
+    public function emailVerificationRequired(Request $request): \Illuminate\Contracts\View\View|\Illuminate\Http\RedirectResponse
     {
-        $user = $this->getUserFromCookie();
-
+        $user = $this->getUser($request);
+       
         if (! $user) {
             return redirect()->route('backpack.auth.login');
         }
@@ -83,15 +83,6 @@ public function resendVerificationEmail(Request $request): \Illuminate\Http\Redi
 
     private function getUser(Request $request): ?\Illuminate\Contracts\Auth\MustVerifyEmail
     {
-        return $request->user(backpack_guard_name()) ?? $this->getUserFromCookie();
-    }
-
-    private function getUserFromCookie(): ?\Illuminate\Contracts\Auth\MustVerifyEmail
-    {
-        if (Cookie::has('backpack_email_verification')) {
-            return config('backpack.base.user_model_fqn')::where(config('backpack.base.email_column'), Cookie::get('backpack_email_verification'))->first();
-        }
-
-        return null;
+        return $request->user(backpack_guard_name()) ?? (new UserFromCookie())();
     }
 }
diff --git a/src/app/Http/Requests/EmailVerificationRequest.php b/src/app/Http/Requests/EmailVerificationRequest.php
index 2dd1daedc4..ae527505cc 100644
--- a/src/app/Http/Requests/EmailVerificationRequest.php
+++ b/src/app/Http/Requests/EmailVerificationRequest.php
@@ -2,22 +2,13 @@
 
 namespace Backpack\CRUD\app\Http\Requests;
 
+use Backpack\CRUD\app\Library\Auth\UserFromCookie;
 use Illuminate\Foundation\Auth\EmailVerificationRequest as OriginalEmailVerificationRequest;
-use Illuminate\Support\Facades\Cookie;
 
 class EmailVerificationRequest extends OriginalEmailVerificationRequest
 {
     public function user($guard = null)
     {
-        return parent::user(backpack_guard_name()) ?? $this->getUserFromCookie();
-    }
-
-    private function getUserFromCookie()
-    {
-        if (Cookie::has('backpack_email_verification')) {
-            return config('backpack.base.user_model_fqn')::where('email', Cookie::get('backpack_email_verification'))->first();
-        }
-
-        return null;
+        return parent::user(backpack_guard_name()) ?? (new UserFromCookie())();
     }
 }
diff --git a/src/app/Library/Auth/UserFromCookie.php b/src/app/Library/Auth/UserFromCookie.php
new file mode 100644
index 0000000000..0ad3620f86
--- /dev/null
+++ b/src/app/Library/Auth/UserFromCookie.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace Backpack\CRUD\app\Library\Auth;
+
+use Illuminate\Support\Facades\Cookie;
+
+class UserFromCookie
+{
+    public function __invoke(): ?\Illuminate\Contracts\Auth\MustVerifyEmail
+    {
+        if (Cookie::has('backpack_email_verification')) {
+            return config('backpack.base.user_model_fqn')::where(config('backpack.base.email_column'), Cookie::get('backpack_email_verification'))->first();
+        }
+        return null;
+    }
+}
\ No newline at end of file

From 7ea81fa1c27349abdcf7549553e2d3d8c932e055 Mon Sep 17 00:00:00 2001
From: Pedro X <pxpm88@gmail.com>
Date: Wed, 30 Aug 2023 21:57:52 +0100
Subject: [PATCH 17/27] move to function

---
 src/app/Library/Auth/AuthenticatesUsers.php | 29 +++++++++++++--------
 1 file changed, 18 insertions(+), 11 deletions(-)

diff --git a/src/app/Library/Auth/AuthenticatesUsers.php b/src/app/Library/Auth/AuthenticatesUsers.php
index 98cf53fa63..5e6a8a0128 100644
--- a/src/app/Library/Auth/AuthenticatesUsers.php
+++ b/src/app/Library/Auth/AuthenticatesUsers.php
@@ -49,17 +49,7 @@ public function login(Request $request)
 
         if ($this->attemptLogin($request)) {
             if (config('backpack.base.setup_email_verification_routes', false)) {
-                $user = $this->guard()->user();
-                if ($user->email_verified_at) {
-                    return $this->sendLoginResponse($request);
-                } else {
-                    $this->guard()->logout();
-                    Cookie::queue('backpack_email_verification', $user->{config('backpack.base.email_column')}, 30);
-
-                    return $request->wantsJson()
-                        ? new Response('Email verification required', 403)
-                        : redirect(route('verification.notice'));
-                }
+                $this->verifyUserBeforeLogin($request);
             }
 
             return $this->sendLoginResponse($request);
@@ -214,4 +204,21 @@ protected function guard()
     {
         return Auth::guard();
     }
+
+    private function verifyUserBeforeLogin(Request $request): Response|\Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
+    {
+        $user = $this->guard()->user();
+        if ($user->email_verified_at) {
+            // if the user is verified send the normal login response
+            return $this->sendLoginResponse($request);
+        } else {
+            $this->guard()->logout();
+            // add a cookie for 30m to remember the email address that needs to be verified
+            Cookie::queue('backpack_email_verification', $user->{config('backpack.base.email_column')}, 30);
+
+            return $request->wantsJson()
+                ? new Response('Email verification required', 403)
+                : redirect(route('verification.notice'));
+        }
+    }
 }

From 25bc08c2fc52ed02115a32df3fbb622fb0fc4fc3 Mon Sep 17 00:00:00 2001
From: StyleCI Bot <bot@styleci.io>
Date: Wed, 30 Aug 2023 20:58:06 +0000
Subject: [PATCH 18/27] Apply fixes from StyleCI

[ci skip] [skip ci]
---
 src/app/Http/Controllers/Auth/VerifyEmailController.php | 2 +-
 src/app/Library/Auth/UserFromCookie.php                 | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/app/Http/Controllers/Auth/VerifyEmailController.php b/src/app/Http/Controllers/Auth/VerifyEmailController.php
index 3f515aa999..fb87f33dfb 100644
--- a/src/app/Http/Controllers/Auth/VerifyEmailController.php
+++ b/src/app/Http/Controllers/Auth/VerifyEmailController.php
@@ -38,7 +38,7 @@ public function __construct()
     public function emailVerificationRequired(Request $request): \Illuminate\Contracts\View\View|\Illuminate\Http\RedirectResponse
     {
         $user = $this->getUser($request);
-       
+
         if (! $user) {
             return redirect()->route('backpack.auth.login');
         }
diff --git a/src/app/Library/Auth/UserFromCookie.php b/src/app/Library/Auth/UserFromCookie.php
index 0ad3620f86..56b76c0d06 100644
--- a/src/app/Library/Auth/UserFromCookie.php
+++ b/src/app/Library/Auth/UserFromCookie.php
@@ -11,6 +11,7 @@ public function __invoke(): ?\Illuminate\Contracts\Auth\MustVerifyEmail
         if (Cookie::has('backpack_email_verification')) {
             return config('backpack.base.user_model_fqn')::where(config('backpack.base.email_column'), Cookie::get('backpack_email_verification'))->first();
         }
+
         return null;
     }
-}
\ No newline at end of file
+}

From d2d89584cee5735316a6351fad0c333169753e65 Mon Sep 17 00:00:00 2001
From: Pedro X <pxpm88@gmail.com>
Date: Wed, 30 Aug 2023 22:00:02 +0100
Subject: [PATCH 19/27] return early

---
 src/app/Library/Auth/AuthenticatesUsers.php | 20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)

diff --git a/src/app/Library/Auth/AuthenticatesUsers.php b/src/app/Library/Auth/AuthenticatesUsers.php
index 5e6a8a0128..bd9aa7da16 100644
--- a/src/app/Library/Auth/AuthenticatesUsers.php
+++ b/src/app/Library/Auth/AuthenticatesUsers.php
@@ -208,17 +208,21 @@ protected function guard()
     private function verifyUserBeforeLogin(Request $request): Response|\Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
     {
         $user = $this->guard()->user();
+
         if ($user->email_verified_at) {
             // if the user is verified send the normal login response
             return $this->sendLoginResponse($request);
-        } else {
-            $this->guard()->logout();
-            // add a cookie for 30m to remember the email address that needs to be verified
-            Cookie::queue('backpack_email_verification', $user->{config('backpack.base.email_column')}, 30);
-
-            return $request->wantsJson()
-                ? new Response('Email verification required', 403)
-                : redirect(route('verification.notice'));
         }
+
+        // user is not yet verified, log him out
+        $this->guard()->logout();
+
+        // add a cookie for 30m to remember the email address that needs to be verified
+        Cookie::queue('backpack_email_verification', $user->{config('backpack.base.email_column')}, 30);
+
+        if ($request->wantsJson()) {
+            return new Response('Email verification required', 403);
+        }
+        return redirect(route('verification.notice'));
     }
 }

From d78729cb81a9b3940d4afe9ff779f81efa782ec4 Mon Sep 17 00:00:00 2001
From: StyleCI Bot <bot@styleci.io>
Date: Wed, 30 Aug 2023 21:00:16 +0000
Subject: [PATCH 20/27] Apply fixes from StyleCI

[ci skip] [skip ci]
---
 src/app/Library/Auth/AuthenticatesUsers.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/app/Library/Auth/AuthenticatesUsers.php b/src/app/Library/Auth/AuthenticatesUsers.php
index bd9aa7da16..529afe3af6 100644
--- a/src/app/Library/Auth/AuthenticatesUsers.php
+++ b/src/app/Library/Auth/AuthenticatesUsers.php
@@ -223,6 +223,7 @@ private function verifyUserBeforeLogin(Request $request): Response|\Illuminate\H
         if ($request->wantsJson()) {
             return new Response('Email verification required', 403);
         }
+
         return redirect(route('verification.notice'));
     }
 }

From 3dc83ee524c398f3077a3960d40bb958cb5f9bdf Mon Sep 17 00:00:00 2001
From: Pedro Martins <pxpm88@gmail.com>
Date: Thu, 31 Aug 2023 08:51:34 +0100
Subject: [PATCH 21/27] Apply suggestions from code review
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: Cristian Tăbăcitu <cristitabacitu@gmail.com>
---
 src/BackpackServiceProvider.php               |  2 +-
 .../Auth/VerifyEmailController.php            |  2 +-
 .../Middleware/EnsureEmailVerification.php    | 31 ++++++++++---------
 src/app/Library/Auth/AuthenticatesUsers.php   |  4 +--
 src/config/backpack/base.php                  |  7 ++---
 5 files changed, 23 insertions(+), 23 deletions(-)

diff --git a/src/BackpackServiceProvider.php b/src/BackpackServiceProvider.php
index 9e6c42e93a..66e0930f63 100644
--- a/src/BackpackServiceProvider.php
+++ b/src/BackpackServiceProvider.php
@@ -132,7 +132,7 @@ public function registerMiddlewareGroup(Router $router)
         }
 
         // register the email verification middleware, if the developer enabled it in the config.
-        if (config('backpack.base.setup_email_verification_routes', false) && config('backpack.base.add_verified_to_backpack_middleware', true)) {
+        if (config('backpack.base.setup_email_verification_routes', false) && config('backpack.base.setup_email_verification_middleware', true)) {
             $router->pushMiddlewareToGroup($middleware_key, EnsureEmailVerification::class);
         }
     }
diff --git a/src/app/Http/Controllers/Auth/VerifyEmailController.php b/src/app/Http/Controllers/Auth/VerifyEmailController.php
index fb87f33dfb..32a65091f5 100644
--- a/src/app/Http/Controllers/Auth/VerifyEmailController.php
+++ b/src/app/Http/Controllers/Auth/VerifyEmailController.php
@@ -32,7 +32,7 @@ public function __construct()
             abort(500, trans('backpack::base.no_email_column'));
         }
         // where to redirect after the email is verified
-        $this->redirectTo = $this->redirectTo !== null ? $this->redirectTo : backpack_url('dashboard');
+        $this->redirectTo = $this->redirectTo ?? backpack_url('dashboard');
     }
 
     public function emailVerificationRequired(Request $request): \Illuminate\Contracts\View\View|\Illuminate\Http\RedirectResponse
diff --git a/src/app/Http/Middleware/EnsureEmailVerification.php b/src/app/Http/Middleware/EnsureEmailVerification.php
index 53eb8a71b8..fbc1aaf5e3 100644
--- a/src/app/Http/Middleware/EnsureEmailVerification.php
+++ b/src/app/Http/Middleware/EnsureEmailVerification.php
@@ -17,22 +17,23 @@ class EnsureEmailVerification
      */
     public function handle($request, Closure $next)
     {
-        // if the route name is not one of the verification process, run the verification middleware
-        if (! in_array($request->route()->getName(), ['verification.notice', 'verification.verify', 'verification.send'])) {
-            // the Laravel middleware needs the user resolver to be set with the backpack guard
-            $userResolver = $request->getUserResolver();
-            $request->setUserResolver(function () use ($userResolver) {
-                return $userResolver(backpack_guard_name());
-            });
-            try {
-                $verifiedMiddleware = new (app('router')->getMiddleware()['verified'])();
-            } catch(Throwable) {
-                throw new Exception('Missing "verified" alias middleware in App/Http/Kernel.php. More info: https://backpackforlaravel.com/docs/6.x/base-how-to#enable-email-verification-in-backpack-routes');
-            }
-
-            return $verifiedMiddleware->handle($request, $next);
+        // if the route is one in the verification process, do nothing
+        if (in_array($request->route()->getName(), ['verification.notice', 'verification.verify', 'verification.send'])) {
+           return $next($request);
         }
+            
+         // the Laravel middleware needs the user resolver to be set with the backpack guard
+         $userResolver = $request->getUserResolver();
+         $request->setUserResolver(function () use ($userResolver) {
+             return $userResolver(backpack_guard_name());
+         });
+         
+         try {
+             $verifiedMiddleware = new (app('router')->getMiddleware()['verified'])();
+         } catch(Throwable) {
+             throw new Exception('Missing "verified" alias middleware in App/Http/Kernel.php. More info: https://backpackforlaravel.com/docs/6.x/base-how-to#enable-email-verification-in-backpack-routes');
+         }
 
-        return $next($request);
+         return $verifiedMiddleware->handle($request, $next);        
     }
 }
diff --git a/src/app/Library/Auth/AuthenticatesUsers.php b/src/app/Library/Auth/AuthenticatesUsers.php
index 529afe3af6..93a472b620 100644
--- a/src/app/Library/Auth/AuthenticatesUsers.php
+++ b/src/app/Library/Auth/AuthenticatesUsers.php
@@ -209,9 +209,9 @@ private function verifyUserBeforeLogin(Request $request): Response|\Illuminate\H
     {
         $user = $this->guard()->user();
 
+        // if the user is already verified, do nothing
         if ($user->email_verified_at) {
-            // if the user is verified send the normal login response
-            return $this->sendLoginResponse($request);
+            return;
         }
 
         // user is not yet verified, log him out
diff --git a/src/config/backpack/base.php b/src/config/backpack/base.php
index 23466add24..5cc518b753 100644
--- a/src/config/backpack/base.php
+++ b/src/config/backpack/base.php
@@ -62,10 +62,9 @@
     // https://backpackforlaravel.com/docs/6.x/base-how-to#enable-email-verification-in-backpack-routes
     'setup_email_verification_routes' => false,
 
-    // We will automatically add the Verified middleware to the Backpack midleware group
-    // if you disable this you must manually add the verified route middleware to
-    // the routes you would like to be accessed only by verified users.
-    'add_verified_to_backpack_middleware' => true,
+    // When email verification is enabled, automatically add the Verified middleware to Backpack routes?
+    // Set false if you want to use your own Verified middleware in `middleware_class`.
+    'setup_email_verification_middleware' => true,
 
     // How many times in any given time period should the user be allowed to
     // request a new verification email?

From 252bfa63bbaa64c054b051817d7ad38054437e78 Mon Sep 17 00:00:00 2001
From: StyleCI Bot <bot@styleci.io>
Date: Thu, 31 Aug 2023 07:51:43 +0000
Subject: [PATCH 22/27] Apply fixes from StyleCI

[ci skip] [skip ci]
---
 .../Middleware/EnsureEmailVerification.php    | 28 +++++++++----------
 1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/src/app/Http/Middleware/EnsureEmailVerification.php b/src/app/Http/Middleware/EnsureEmailVerification.php
index fbc1aaf5e3..c641e9f2e2 100644
--- a/src/app/Http/Middleware/EnsureEmailVerification.php
+++ b/src/app/Http/Middleware/EnsureEmailVerification.php
@@ -19,21 +19,21 @@ public function handle($request, Closure $next)
     {
         // if the route is one in the verification process, do nothing
         if (in_array($request->route()->getName(), ['verification.notice', 'verification.verify', 'verification.send'])) {
-           return $next($request);
+            return $next($request);
         }
-            
-         // the Laravel middleware needs the user resolver to be set with the backpack guard
-         $userResolver = $request->getUserResolver();
-         $request->setUserResolver(function () use ($userResolver) {
-             return $userResolver(backpack_guard_name());
-         });
-         
-         try {
-             $verifiedMiddleware = new (app('router')->getMiddleware()['verified'])();
-         } catch(Throwable) {
-             throw new Exception('Missing "verified" alias middleware in App/Http/Kernel.php. More info: https://backpackforlaravel.com/docs/6.x/base-how-to#enable-email-verification-in-backpack-routes');
-         }
 
-         return $verifiedMiddleware->handle($request, $next);        
+        // the Laravel middleware needs the user resolver to be set with the backpack guard
+        $userResolver = $request->getUserResolver();
+        $request->setUserResolver(function () use ($userResolver) {
+            return $userResolver(backpack_guard_name());
+        });
+
+        try {
+            $verifiedMiddleware = new (app('router')->getMiddleware()['verified'])();
+        } catch(Throwable) {
+            throw new Exception('Missing "verified" alias middleware in App/Http/Kernel.php. More info: https://backpackforlaravel.com/docs/6.x/base-how-to#enable-email-verification-in-backpack-routes');
+        }
+
+        return $verifiedMiddleware->handle($request, $next);
     }
 }

From 0910fc2b7caa533d230b97c0e18125e7b6e5b436 Mon Sep 17 00:00:00 2001
From: Pedro Martins <pxpm88@gmail.com>
Date: Thu, 31 Aug 2023 09:17:14 +0100
Subject: [PATCH 23/27] Apply suggestions from code review
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: Cristian Tăbăcitu <cristitabacitu@gmail.com>
---
 .../Auth/VerifyEmailController.php            | 28 ++++++++-----------
 1 file changed, 12 insertions(+), 16 deletions(-)

diff --git a/src/app/Http/Controllers/Auth/VerifyEmailController.php b/src/app/Http/Controllers/Auth/VerifyEmailController.php
index 32a65091f5..f773b00440 100644
--- a/src/app/Http/Controllers/Auth/VerifyEmailController.php
+++ b/src/app/Http/Controllers/Auth/VerifyEmailController.php
@@ -37,11 +37,7 @@ public function __construct()
 
     public function emailVerificationRequired(Request $request): \Illuminate\Contracts\View\View|\Illuminate\Http\RedirectResponse
     {
-        $user = $this->getUser($request);
-
-        if (! $user) {
-            return redirect()->route('backpack.auth.login');
-        }
+        $this->getUserOrRedirect($request);
 
         return view(backpack_view('auth.verify-email'));
     }
@@ -53,11 +49,7 @@ public function emailVerificationRequired(Request $request): \Illuminate\Contrac
      */
     public function verifyEmail(EmailVerificationRequest $request)
     {
-        $user = $this->getUser($request);
-
-        if (! $user) {
-            return redirect()->route('backpack.auth.login');
-        }
+        $this->getUserOrRedirect($request);
 
         $request->fulfill();
 
@@ -69,12 +61,7 @@ public function verifyEmail(EmailVerificationRequest $request)
      */
     public function resendVerificationEmail(Request $request): \Illuminate\Http\RedirectResponse
     {
-        $user = $this->getUser($request);
-
-        if (! $user) {
-            return redirect()->route('backpack.auth.login');
-        }
-
+        $user = $this->getUserOrRedirect($request);
         $user->sendEmailVerificationNotification();
         Alert::success('Email verification link sent successfully.')->flash();
 
@@ -85,4 +72,13 @@ private function getUser(Request $request): ?\Illuminate\Contracts\Auth\MustVeri
     {
         return $request->user(backpack_guard_name()) ?? (new UserFromCookie())();
     }
+
+    private function getUserOrRedirect(Request $request): ?\Illuminate\Contracts\Auth\MustVerifyEmail|\Illuminate\Http\RedirectResponse
+    {        
+        if ($user = $request->getUser($request)) {
+            return $user;
+        }
+        
+        return redirect()->route('backpack.auth.login');
+    }
 }

From 2e912acebb6acc30f5f530da44d7e3dba112fb2e Mon Sep 17 00:00:00 2001
From: Pedro X <pxpm88@gmail.com>
Date: Thu, 31 Aug 2023 09:20:47 +0100
Subject: [PATCH 24/27] fixes

---
 .../Http/Controllers/Auth/VerifyEmailController.php    | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/app/Http/Controllers/Auth/VerifyEmailController.php b/src/app/Http/Controllers/Auth/VerifyEmailController.php
index f773b00440..51e6b81b7a 100644
--- a/src/app/Http/Controllers/Auth/VerifyEmailController.php
+++ b/src/app/Http/Controllers/Auth/VerifyEmailController.php
@@ -5,7 +5,6 @@
 use Backpack\CRUD\app\Http\Requests\EmailVerificationRequest;
 use Backpack\CRUD\app\Library\Auth\UserFromCookie;
 use Exception;
-use Exception;
 use Illuminate\Http\Request;
 use Illuminate\Routing\Controller;
 use Prologue\Alerts\Facades\Alert;
@@ -62,6 +61,11 @@ public function verifyEmail(EmailVerificationRequest $request)
     public function resendVerificationEmail(Request $request): \Illuminate\Http\RedirectResponse
     {
         $user = $this->getUserOrRedirect($request);
+
+        if(is_a($user, \Illuminate\Http\RedirectResponse::class)) {
+            return $user;
+        }
+
         $user->sendEmailVerificationNotification();
         Alert::success('Email verification link sent successfully.')->flash();
 
@@ -73,9 +77,9 @@ private function getUser(Request $request): ?\Illuminate\Contracts\Auth\MustVeri
         return $request->user(backpack_guard_name()) ?? (new UserFromCookie())();
     }
 
-    private function getUserOrRedirect(Request $request): ?\Illuminate\Contracts\Auth\MustVerifyEmail|\Illuminate\Http\RedirectResponse
+    private function getUserOrRedirect(Request $request): \Illuminate\Contracts\Auth\MustVerifyEmail|\Illuminate\Http\RedirectResponse
     {        
-        if ($user = $request->getUser($request)) {
+        if ($user = $this->getUser($request)) {
             return $user;
         }
         

From d2a0f596797e3aed4f4ebce768c16fb37589406e Mon Sep 17 00:00:00 2001
From: Pedro X <pxpm88@gmail.com>
Date: Thu, 31 Aug 2023 09:38:24 +0100
Subject: [PATCH 25/27] fix

---
 src/app/Library/Auth/AuthenticatesUsers.php | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/src/app/Library/Auth/AuthenticatesUsers.php b/src/app/Library/Auth/AuthenticatesUsers.php
index 93a472b620..1991b4b88f 100644
--- a/src/app/Library/Auth/AuthenticatesUsers.php
+++ b/src/app/Library/Auth/AuthenticatesUsers.php
@@ -49,7 +49,7 @@ public function login(Request $request)
 
         if ($this->attemptLogin($request)) {
             if (config('backpack.base.setup_email_verification_routes', false)) {
-                $this->verifyUserBeforeLogin($request);
+                return $this->logoutIfEmailNotVerified($request);
             }
 
             return $this->sendLoginResponse($request);
@@ -205,15 +205,14 @@ protected function guard()
         return Auth::guard();
     }
 
-    private function verifyUserBeforeLogin(Request $request): Response|\Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
+    private function logoutIfEmailNotVerified(Request $request): Response|\Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
     {
         $user = $this->guard()->user();
 
         // if the user is already verified, do nothing
         if ($user->email_verified_at) {
-            return;
+            return $this->sendLoginResponse($request);
         }
-
         // user is not yet verified, log him out
         $this->guard()->logout();
 

From b0c2c500f60e13b4df11075943d4a728335611d6 Mon Sep 17 00:00:00 2001
From: StyleCI Bot <bot@styleci.io>
Date: Thu, 31 Aug 2023 08:38:40 +0000
Subject: [PATCH 26/27] Apply fixes from StyleCI

[ci skip] [skip ci]
---
 src/app/Http/Controllers/Auth/VerifyEmailController.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/app/Http/Controllers/Auth/VerifyEmailController.php b/src/app/Http/Controllers/Auth/VerifyEmailController.php
index 51e6b81b7a..dba7d26ce9 100644
--- a/src/app/Http/Controllers/Auth/VerifyEmailController.php
+++ b/src/app/Http/Controllers/Auth/VerifyEmailController.php
@@ -62,7 +62,7 @@ public function resendVerificationEmail(Request $request): \Illuminate\Http\Redi
     {
         $user = $this->getUserOrRedirect($request);
 
-        if(is_a($user, \Illuminate\Http\RedirectResponse::class)) {
+        if (is_a($user, \Illuminate\Http\RedirectResponse::class)) {
             return $user;
         }
 
@@ -78,11 +78,11 @@ private function getUser(Request $request): ?\Illuminate\Contracts\Auth\MustVeri
     }
 
     private function getUserOrRedirect(Request $request): \Illuminate\Contracts\Auth\MustVerifyEmail|\Illuminate\Http\RedirectResponse
-    {        
+    {
         if ($user = $this->getUser($request)) {
             return $user;
         }
-        
+
         return redirect()->route('backpack.auth.login');
     }
 }

From cbb430a59421212ce0432d679e3ac79bd5a2e0cf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cristian=20T=C4=83b=C4=83citu?= <cristitabacitu@gmail.com>
Date: Thu, 31 Aug 2023 12:09:05 +0300
Subject: [PATCH 27/27] Update src/config/backpack/base.php

---
 src/config/backpack/base.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/config/backpack/base.php b/src/config/backpack/base.php
index 5cc518b753..2dcd3a7410 100644
--- a/src/config/backpack/base.php
+++ b/src/config/backpack/base.php
@@ -69,7 +69,7 @@
     // How many times in any given time period should the user be allowed to
     // request a new verification email?
     // Defaults to 1,10 - 1 time in 10 minutes.
-    'email_verification_throttle_access' => '1,10',
+    'email_verification_throttle_access' => '3,15',
 
     /*
     |--------------------------------------------------------------------------